package cn.lll.vuehouse.shiro;


import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.HashMap;
import java.util.LinkedHashMap;


//配置类
@Configuration
public class ShiroWebConfig {

    //shiro过滤器设置
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager){

        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);


        //自定义（过滤器）别名（jwt）       用于存储自定义过滤器
        HashMap<String, Filter> stringFilterHashMap = new HashMap<>();
        stringFilterHashMap.put("jwt",new JWTFilter());
        shiroFilterFactoryBean.setFilters(stringFilterHashMap);
        //设置拦截路径
        LinkedHashMap<String, String> map = new LinkedHashMap<>();
        //放行验证码
        map.put("/captcha","anon");
        map.put("/user/login","anon");
        //需要进行JWT身份验证，即需要使用JWTFilter过滤器进行身份验证。
        map.put("/**","jwt");
        //将自定义的过滤器和拦截路径设置到ShiroFilterFactoryBean对象中，并返回该对象。
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);

        return shiroFilterFactoryBean;
    }



    //配置安全控制器  将传入的customerRealm设置为该安全管理器的Realm。最后，返回该安全管理器对象。
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(CustomerRealm customerRealm){
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(customerRealm);
        return defaultWebSecurityManager;
    }
    @Bean
    public CustomerRealm customerRealm(){
        CustomerRealm customerRealm = new CustomerRealm();
        return customerRealm;
    }

}
